Surge in Email Attacks on Businesses Driven by Phishing Kits and AI Technology

The VIPRE Security Group has released its Q2 2025 Email Threat Landscape Report, highlighting significant findings from its ongoing analysis of global cybersecurity trends. The report reveals that 58% of phishing sites now utilise unidentifiable phishing kits, which are increasingly customised or obfuscated. These advanced kits are difficult for defenders to detect or analyse and often leverage artificial intelligence to minimise costs. Notable phishing kits mentioned include Evilginx (20%), Tycoon 2FA (10%), and 16shop (7%), with an additional 5% attributed to other generic offerings. The report describes these phishing kits as untraceable, stating that they “can’t easily be reverse-engineered, tracked, or caught.” This trend indicates a shift towards more sophisticated and challenging forms of phishing campaigns.

For the sixth consecutive quarter, the manufacturing sector remains the most targeted industry for email-based cyberattacks, accounting for 26% of all reported incidents. These attacks encompass business email compromise (BEC), phishing, and malspam. Following the manufacturing sector, the retail industry accounts for 20% of attacks, while healthcare comprises 19% of recorded incidents for Q2 2025. VIPRE notes that this distribution aligns with trends identified over the previous year. Additionally, the report highlights a significant increase in BEC attacks targeting Scandinavian executives. While English-speaking executives represent the largest group targeted by BEC emails (42%), a notable portion targets Danish executives (38%), with Swedish and Norwegian executives making up a combined 19%.